AI vulnerabilities and cyber‑enabled fraud now top executive concerns
C‑suite leaders worldwide are waking up to a reality: artificial intelligence isn’t just transforming business, it’s transforming cyber risk. The World Economic Forum’s 2026 Global Cybersecurity Outlook surveyed 800 CISOs and cybersecurity experts, revealing that AI vulnerabilities (87%) and cyber‑enabled fraud and phishing (77%) have overtaken ransomware as the top threats. Ransomware dropped sharply to 54%, down from its previous number one position.
This shift signals a major turning point. Traditional malware attacks that rely on encryption and ransom payments are no longer the dominant threat. Instead, misuse of AI now defines the next phase of digital risk. Cybercriminals are increasingly using accessible AI tools to automate what once required expertise. With generative AI capable of producing high‑quality text, audio, and imagery, even low‑skill actors can launch operations that seem authentic, precise, and convincing.
Leaders cannot ignore that these changes expand both the scale and efficiency of cyberattacks. Michael Daniel, head of the Cyber Threat Alliance, warned that AI‑powered scams may create “an increasingly measurable economic drag across many of the world’s economies.” That’s a measurable business risk. The ability of bad actors to leverage AI means organizations must transition from reactive defenses to proactive security systems that adapt in real time.
The broader implication is strategic. AI is a multiplier. To manage its risks, enterprises need solid policies on data use, AI governance, and responsible deployment. As these threats grow, executives must ensure their technology investments are supported by security frameworks that evolve as quickly as the technology itself.
Generative AI lowers the barriers for executing fraud and social engineering
Generative AI is making online fraud faster, cheaper, and more convincing. Criminals no longer need complex tools to target an organization; they can now use AI to write flawless phishing emails, generate fake documents, or create deepfake audio that passes most verification checks. The result is a global surge in financially‑driven deception that’s reshaping how organizations must think about trust.
According to the World Economic Forum’s latest survey, 73% of cybersecurity professionals reported knowing someone personally affected by cyber‑enabled fraud. The most common types include phishing (62%), invoice or payment fraud (37%), and identity theft (32%). Even simple automation of these attacks produces an overwhelming scale that challenges traditional human‑based detection systems.
Jeremy Jurgens, Managing Director at the WEF, put it clearly: fraud has become the “connective tissue of cyber risk.” It now touches everything: people, companies, and national economies. What makes this trend so concerning isn’t just the rising number of scams, but their increasing credibility. A fraudulent communication today can look and sound legitimate even to trained professionals.
For senior executives, this demands a new level of awareness. Fraud prevention is no longer a purely technical task; it’s a business imperative. It requires coordination between security and financial teams to detect irregular payments, validate client interactions, and continuously train employees to recognize digital deception. The lesson is straightforward: as AI empowers criminals, organizations must empower their defenses at the same pace. This is not about fear; it’s about readiness. Those who get ahead of these new risks will maintain trust, and in turn, maintain market leadership.
Misalignment between executive and technical cybersecurity priorities heightens organizational risk
Inside many organizations, a gap has formed between business and technical leadership on cybersecurity priorities. The National CIO Review’s David Eberly observed that while CEOs focus on fraud and its direct business consequences, CISOs remain centered on compliance, infrastructure, and operational continuity. This difference in focus creates blind spots. When fraud strikes, financial exposure often reveals weaknesses in cross‑team coordination that technology alone cannot fix.
Trustmi’s 2025 Social Engineering Report supports this concern. It found that only 27% of organizations share ownership of fraud prevention between finance and security teams. More than one‑third reported that this lack of coordination had resulted, or nearly resulted, in a fraud incident. These figures make something very clear: cybersecurity risk is not purely technical; it’s operational and strategic.
Encouragingly, collaboration is improving. Splunk data from mid‑2025 shows that 82% of CISOs now report directly to their CEOs, up from 47% in 2023. That trend marks progress in aligning risk management and leadership communication. When those roles operate in sync, detection speeds improve, and damage control becomes far more effective.
For executives, closing this alignment gap should be a top leadership priority. Cybersecurity cannot sit only with the CISO. It must be integrated into every major executive discussion, including finance, risk, and operations. Clear shared accountability enables faster decisions and resource allocation when threats arise. Eberly’s point stands: technical defenses matter, but leadership cohesion determines how resilient a company truly is when faced with an evolving threat landscape.
Ransomware’s declining yields signal a strategic pivot toward data extortion
The ransomware economy is changing. Data shows that attackers are shifting from traditional encryption‑and‑ransom models to pure data extortion. The Google Threat Intelligence Group (GTIG) reports that nearly all top ransomware gangs now prefer stealing and threatening to release information rather than encrypting systems. The reason is simple: it’s more profitable and harder to stop. Successful ransomware deployment dropped from 54% of incidents in 2024 to 36% in 2025, according to GTIG Senior Threat Intelligence Analyst Bavi Sadayappan.
Financial data backs this drop. Chainalysis recorded an 8% decline in total ransomware payments in 2025, even as total incident volume rose. The Financial Crimes Enforcement Network (FinCEN) also observed a sharp decrease in victim payment rates. Together, these trends suggest diminishing returns per attack. As payouts shrink, the ransomware‑as‑a‑service market is fragmenting, pushing cybercriminals toward more opportunistic and scalable tactics, including data theft and fraud.
For business leaders, this trend carries two implications. First, despite fewer successful malware executions, exposure risk is not decreasing; sensitive company data remains the new leverage point. Second, resilience measures must evolve. Backups and recovery systems are no longer sufficient if confidential information can be publicly weaponized.
Organizations that invest in transparency, encryption, and continuous threat monitoring will adapt fastest. This transition in attacker strategy is not just about technology; it’s about economics. Criminal networks go where the money is. When ransom profits drop, they will find other ways to extract value. The companies that anticipate and prepare for this shift will define the new standard for cyber resilience.
Weak identity and access management (IAM) systems are emerging as critical vulnerabilities in the AI era
Identity is becoming the weakest link in enterprise cybersecurity. As businesses adopt AI and autonomous systems, the challenge is no longer just defending networks; it’s confirming who or what is interacting within them. The rapid adoption of AI agents that can perform tasks, make decisions, and access data increases the number of digital entities that must be authenticated. Each one represents a potential entry point for fraud if not properly secured.
Zscaler researchers and data from CSO Online show that around 95% of enterprises using or testing autonomous agents have not implemented sufficient identity controls, including essential methods like public key infrastructure (PKI). This oversight creates vulnerabilities that are difficult to detect and easy for attackers to exploit. The problem extends beyond enterprise systems. FinTech Global reported that consumer fraud losses in the United States rose 25% year‑over‑year to $12.5 billion in 2024, according to the Federal Trade Commission (FTC). The implication is clear: the same weaknesses that endanger corporate data are also eroding consumer trust across the broader digital economy.
For executive teams, securing identity is now a strategic responsibility, not just a technical task. Traditional IAM systems were built for human users, but today’s environment includes machine learning models and automated agents acting independently. Without updated frameworks that account for non‑human access, enterprises risk losing control over their digital environments. AI can compound this risk by generating authentic‑looking credentials or imitating legitimate internal users.
C‑suite leaders need to prioritize IAM modernization as part of their digital transformation strategies. It requires stronger authentication standards, tighter access governance, and ongoing auditing to reduce privilege creep. Teams must continually review who or what has access to core systems and why.
Konstantin Levinzon, co‑founder of Planet VPN, warned that generative AI “is lowering the barriers for executing all kinds of attacks while making them appear more credible.” This reflects the core challenge of the next cybersecurity era: offense powered by AI will evolve faster than traditional defenses unless organizations act with urgency. Businesses that invest early in securing identities, both human and machine, will stand on firmer ground as digital operations continue to accelerate.
Key takeaways for decision-makers
- AI and fraud now surpass traditional cyber threats: AI vulnerabilities and cyber‑enabled fraud have overtaken ransomware as top C‑suite concerns. Leaders should direct investment toward adaptive AI security frameworks that evolve faster than emerging threats.
- Generative AI is transforming how fraud is executed: Criminals are using AI to automate and scale deceptive tactics. Executives should enhance employee awareness and strengthen automated fraud detection to counter increasingly realistic phishing and impersonation attacks.
- Leadership alignment is key to reducing cyber risk: Misalignment between CEOs and CISOs leaves organizations exposed. Decision‑makers need unified governance across finance, security, and operations to ensure quicker, coordinated responses to threats.
- Ransomware economics are changing fast: Attackers are pivoting from traditional encryption to data extortion as payouts decline. Leaders should update incident response plans to handle data exposure risks and invest in stronger data protection and recovery measures.
- Identity and access controls are the next security frontier: Weak IAM systems are becoming a prime vulnerability as AI systems gain access to corporate networks. Executives must modernize identity governance for both human and machine accounts to prevent large‑scale fraud and data misuse.


